CVE-2023-24576
Description
EMC NetWorker may potentially be vulnerable to an unauthenticated remote code execution vulnerability in the NetWorker Client execution service (nsrexecd) irrespective of any auth used.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Unauthenticated remote code execution in Dell NetWorker Client nsrexecd service, affecting versions 19.7.0.2 and earlier, fixed in 19.7.0.3 and later.
Vulnerability
The vulnerability resides in the NetWorker Client execution service (nsrexecd) component of Dell NetWorker and NVE. It allows an unauthenticated remote attacker to execute arbitrary code. Affected versions are 19.7.0.2 and earlier. The issue is present irrespective of any authentication used. [1]
Exploitation
An attacker can exploit this vulnerability over the network without authentication. No user interaction is required, and the attack complexity is low. The exact sequence of steps is not detailed in the advisory, but the service is exposed on the network. [1]
Impact
Successful exploitation leads to remote code execution with high impact on confidentiality (CVSS 7.5, vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). The attacker gains the ability to execute arbitrary code on the affected system, potentially accessing sensitive data. [1]
Mitigation
Dell has released fixed versions: 19.7.0.3, 19.7.1, 19.8, and 19.8.0.1. Users should update to these versions. As a workaround, delete the nsrdump binary from the system. [1]
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: 0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.